urlscan.io logo urlscan.io
SecurityTrails logo

tarifladen24.de Open in urlscan Pro
2a02:2350:5:109:80a4:30c1:1202:d9b4  Public Scan

Go To Rescan Add Verdict Report
URL: http://tarifladen24.de/
Submission: On March 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 20 domains to perform 86 HTTP transactions. The main IP is 2a02:2350:5:109:80a4:30c1:1202:d9b4, located in Denmark and belongs to ONECOM, DK. The main domain is tarifladen24.de.
This is the only time tarifladen24.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2a02:2350:5:1... 51468 (ONECOM)
2 2 2.19.44.80 16625 (AKAMAI-AS)
1 217.79.188.11 24961 (MYLOC-AS ...)
6 193.227.195.217 29037 (TELIKO-AS)
1 2 193.238.60.41 34624 (MEGASPACE-AS)
1 4 2a01:488:42:1... 20773 (GODADDY)
1 193.238.62.106 34624 (MEGASPACE-AS)
1 2600:9000:223... 16509 (AMAZON-02)
3 167.233.13.224 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 18.66.137.49 16509 (AMAZON-02)
3 142.250.180.230 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 142.250.201.194 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
86 17
20    2a02:2350:5:109:80a4:30c1:1202:d9b4 (Denmark)

ASN51468 (ONECOM, DK)
tarifladen24.de
2    2.19.44.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-80.deploy.static.akamaitechnologies.com
www.awin1.com
1    217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
6    193.227.195.217 (Germany)

ASN29037 (TELIKO-AS, DE)
PTR: h.deutschlandsim.de
h.handyvertrag.de
h.premiumsim.de
h.winsim.de
h.simplytel.de
h.sim.de
h.smartmobil.de
2    193.238.60.41 (Germany)

ASN34624 (MEGASPACE-AS, DE)
PTR: m1.tarifvergleich.rapidhost.de
a.check24.net
files.check24.net
4    2a01:488:42:1000:b24d:7590:ff6e:e399 (Germany)

ASN20773 (GODADDY, DE)
www.communicationads.net
1    193.238.62.106 (Germany)

ASN34624 (MEGASPACE-AS, DE)
a.partner-versicherung.de
1    2600:9000:223f:3200:11:19ae:9580:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2a54pfih9ionq.cloudfront.net
3    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
partner.blau.de
1    2606:4700::6813:a860 (United States)

ASN13335 (CLOUDFLARENET, US)
js.srvtrck.com
8    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    18.66.137.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-49.fra60.r.cloudfront.net
dnlgm0m0r44nl.cloudfront.net
3    142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net
ad.doubleclick.net
10    2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
googleads4.g.doubleclick.net
6    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2606:4700::6813:a960 (United States)

ASN13335 (CLOUDFLARENET, US)
hades.srvtrck.com
i.srvtrck.com
Apex Domain
Subdomains		 Transfer
20 tarifladen24.de
tarifladen24.de
127 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
137 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
301 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
186 KB
7 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 171
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
55 KB
6 srvtrck.com
js.srvtrck.com — Cisco Umbrella Rank: 494189
hades.srvtrck.com — Cisco Umbrella Rank: 549764
i.srvtrck.com — Cisco Umbrella Rank: 232146
25 KB
4 communicationads.net
www.communicationads.net — Cisco Umbrella Rank: 338143
2 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 79815
2 KB
2 cloudfront.net
d2a54pfih9ionq.cloudfront.net
dnlgm0m0r44nl.cloudfront.net
1003 B
2 check24.net
a.check24.net
files.check24.net
42 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16123
940 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 113467
853 B
1 partner-versicherung.de
a.partner-versicherung.de
6 KB
1 smartmobil.de
h.smartmobil.de
5 KB
1 sim.de
h.sim.de
2 KB
1 simplytel.de
h.simplytel.de
4 KB
1 winsim.de
h.winsim.de
3 KB
1 premiumsim.de
h.premiumsim.de
2 KB
1 handyvertrag.de
h.handyvertrag.de
22 KB
1 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 17484
233 KB
86 20
Domain Requested by
20 tarifladen24.de tarifladen24.de
12 pagead2.googlesyndication.com ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
tarifladen24.de
s0.2mdn.net
www.googletagservices.com
10 s0.2mdn.net ad.doubleclick.net
s0.2mdn.net
8 www.googletagservices.com partner.o2online.de
partner.blau.de
www.googletagservices.com
ad.doubleclick.net
s0.2mdn.net
6 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
4 hades.srvtrck.com js.srvtrck.com
hades.srvtrck.com
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 www.communicationads.net 1 redirects tarifladen24.de
3 ad.doubleclick.net www.googletagservices.com
2 partner.o2online.de tarifladen24.de
www.communicationads.net
2 www.awin1.com 2 redirects
1 i.srvtrck.com
1 dnlgm0m0r44nl.cloudfront.net js.srvtrck.com
1 js.srvtrck.com tarifladen24.de
1 partner.blau.de www.communicationads.net
1 d2a54pfih9ionq.cloudfront.net tarifladen24.de
1 a.partner-versicherung.de tarifladen24.de
1 h.smartmobil.de tarifladen24.de
1 h.sim.de tarifladen24.de
1 h.simplytel.de tarifladen24.de
1 h.winsim.de tarifladen24.de
1 h.premiumsim.de tarifladen24.de
1 files.check24.net tarifladen24.de
1 a.check24.net 1 redirects
1 h.handyvertrag.de tarifladen24.de
1 imagesrv.adition.com tarifladen24.de
86 26
Subject Issuer Validity Valid
*.handyvertrag.de
Sectigo ECC Domain Validation Secure Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
*.communicationads.net
Starfield Secure Certificate Authority - G2		 2022-08-19 -
2023-08-19		 a year crt.sh
*.premiumsim.de
Sectigo ECC Domain Validation Secure Server CA		 2022-07-19 -
2023-08-19		 a year crt.sh
*.winsim.de
Sectigo ECC Domain Validation Secure Server CA		 2023-01-24 -
2024-02-24		 a year crt.sh
*.simplytel.de
Sectigo ECC Domain Validation Secure Server CA		 2022-04-05 -
2023-05-06		 a year crt.sh
*.sim.de
Sectigo ECC Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.smartmobil.de
Sectigo ECC Domain Validation Secure Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
partner-versicherung.de
R3		 2023-02-05 -
2023-05-06		 3 months crt.sh
partner.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-16 -
2024-01-23		 a year crt.sh
partner.blau.de
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-16 -
2024-01-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 13 frames:

Primary Page: http://tarifladen24.de/
Frame ID: 8EAA455F2FC587C65E7D620F92F99ED6
Requests: 36 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D
Frame ID: 2F444CFCB0A5BABFD64F92C02272D5F7
Requests: 3 HTTP requests in this frame

Frame: https://partner.blau.de/blau/?nw=coad&affiliate=12264&s_id=12264C15227067F&dcm_placement=N773418.3163536BLAU_AFFILIATE/B20640314.219853399&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C15227067F%2526subid%253D%2526deepurl%253D
Frame ID: 112A86059DEF457F4B05B4F82CE223BD
Requests: 3 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16027754F&camp=logo&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16027754F%2526subid%253D%2526deepurl%253D
Frame ID: 0D680B7E2D56E9117AF02DB25E564D31
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Frame ID: 754970DB2595FB8A9D8BFCE141E8937C
Requests: 10 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Frame ID: 3DA16900A0E909354D7968FEC55A19E1
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B20640314.219853399;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=BLU_AFF_CTA_EXA_35012;dc_adk=2036841227;ord=z34b68;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C15227067F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.blau.de%2Fa%2F%3Fi%3Dclick%26client%3Dblau%26camp%3Dlpurl%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C15227067F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=!c.JgCk-S5;stc=1;sttr=73;prcl=s
Frame ID: 8A74146ECD1B96DB992F6F4F95E25E22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6DB8CF9CB0F66CE211D32C3EFDDADCC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5A8B90F3D0293C72A85D2E7476D410EB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Frame ID: 041EF33151FC98504D14EEED24A0BCF1
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: F0D22A69A74CE7CFAEED5D193EDB48BF
Requests: 1 HTTP requests in this frame

Frame: http://hades.srvtrck.com/v2/uuid.html
Frame ID: F162D4AF5A3D8BC9B1DB226D7AF75142
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: F5A3CF3B03E6995A7C8277C344596059
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kostenloser KFZ-Versicherungsvergleich – Kostenlos KFZ-Versicherung vergleichen und beim Wechsel bares Geld sparen

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

86
Requests

65 %
HTTPS

50 %
IPv6

20
Domains

26
Subdomains

17
IPs

4
Countries

1154 kB
Transfer

2090 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.awin1.com/cshow.php?s=2259291&v=12554&q=347929&r=397277 HTTP 302
  • https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif
Request Chain 5
  • https://a.check24.net/misc/view.php?pid=118979&aid=82&cat=4 HTTP 302
  • https://files.check24.net/ads/82
Request Chain 18
  • https://www.awin1.com/cshow.php?s=2274463&v=11704&q=349552&r=397277 HTTP 302
  • https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60
Request Chain 19
  • https://www.communicationads.net/tb.php?t=12264V16024479F HTTP 302
  • https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tarifladen24.de/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache / PHP/8.0.28
Resource Hash
7a3f53998c0240b1a7f8f6ce20da5feb2c35fd303c7070c520e3a5217d2c9871

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3582
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Mar 2023 06:19:35 GMT
Server
Apache
Vary
Accept-Encoding
Via
1.1 webcache2 (Varnish/trunk)
X-Powered-By
PHP/8.0.28
X-Varnish
313921373
layout.css
tarifladen24.de/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://tarifladen24.de/css/layout.css
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
8d1fd49e0ec09384c82edcbb42a70783e49cd37b0f740862be93ba1194087720

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:35 GMT
Content-Encoding
gzip
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:24 GMT
Server
Apache
Age
0
ETag
"22e2-542ec3223a79d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
X-Varnish
313921375
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1745
button_onlinevergleich_big.gif
tarifladen24.de/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/button_onlinevergleich_big.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
d4b484f84ef0081a1ce31561b14adfac4efe2d74a22c3bef8b7b4680a3285d5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:35 GMT
Server
Apache
Age
0
ETag
"ec1-542ec32cfa604"
X-Varnish
174120358
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3777
button_onlinevergleich.gif
tarifladen24.de/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/button_onlinevergleich.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
3ae81187a4408a563581902cd0fbc3c481cf4a23edafd0fc3173ef49459eda4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:34 GMT
Server
Apache
Age
0
ETag
"6c0-542ec32bfd961"
X-Varnish
313921377
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1728
dsl_an_728x90.gif
imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2259291&v=12554&q=347929&r=397277
  • https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif
233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
906b52ab53f50275ac2bcbe9dc652a7b93ab7e35790ae108c5794928bf0837f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 08 Mar 2023 06:19:36 GMT
last-modified
Wed, 01 Mar 2023 10:51:46 GMT
accept-ranges
bytes
etag
"39525676"
content-length
238596
content-type
image/gif

Redirect headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://imagesrv.adition.com/banners/3202/syncbanners/DSL_Banner/dsl_an_728x90.gif
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
banner.gif
h.handyvertrag.de/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.handyvertrag.de/banner.gif?promotion_partner_id=30384&promotion_product_id=7036&promotion_channel_id=22217
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
7fe8764d9afa653bb315e024180c51d0d1bd7639dff0a6c1526b5a479ba29ca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Fri, 07 Apr 2023 08:19:36 +0200
pragma
no-cache
date
Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
x-location
wildcard
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by
My Servlet Handler
82
files.check24.net/ads/
Redirect Chain
  • https://a.check24.net/misc/view.php?pid=118979&aid=82&cat=4
  • https://files.check24.net/ads/82
41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.check24.net/ads/82
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Server
193.238.60.41 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
m1.tarifvergleich.rapidhost.de
Software
nginx /
Resource Hash
f0bccccee4d97f367f3bfc561e1536ee159ee43cb4c05fc5b90b215d5a38e51f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:36 GMT
last-modified
Thu, 25 Mar 2021 07:53:22 GMT
server
nginx
accept-ranges
bytes
etag
"605c4172-a53c"
content-length
42300
content-type
application/octet-stream

Redirect headers

location
https://files.check24.net/ads/82
date
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
content-type
text/html; charset=UTF-8
tb.php
www.communicationads.net/ 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.communicationads.net/tb.php?t=12264V24930820B
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:488:42:1000:b24d:7590:ff6e:e399 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Server
Apache
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
box_top_302px_left.gif
tarifladen24.de/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_top_302px_left.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
b8ca00327e7965b1e6aa199e0bf3adf8574ff42a30e0ed6987675607c680f06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:32 GMT
Server
Apache
Age
0
ETag
"4ab6-542ec329c0b13"
X-Varnish
271106702
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19126
button_weiterlesen.gif
tarifladen24.de/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/button_weiterlesen.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
0f00cb4377fe0792751cb1c7d42dddd470c7d20073ca38106a7a298e59f269d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:35 GMT
Server
Apache
Age
0
ETag
"658-542ec32d2e367"
X-Varnish
280736311
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1624
box_top_302px_right.gif
tarifladen24.de/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_top_302px_right.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
0572717e3aa5113a454b7797dd5e350ce10507db60362b34098665121c830c7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:33 GMT
Server
Apache
Age
0
ETag
"5582-542ec32aae04b"
X-Varnish
321095339
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21890
banner.png
h.premiumsim.de/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.premiumsim.de/banner.png?promotion_partner_id=30384&promotion_product_id=125&promotion_channel_id=22217
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
04068b22e97b7b69e191260979d1bc91d4a9d9d8c4ef6f10fafa0c56891dcf01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Fri, 07 Apr 2023 08:19:36 +0200
pragma
no-cache
date
Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
x-location
wildcard
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by
My Servlet Handler
banner.png
h.winsim.de/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.winsim.de/banner.png?promotion_partner_id=30384&promotion_product_id=1&promotion_channel_id=22217
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
57145153f81324ae965b6c5472578ebb2ade275a84d5203b2d10e25db82f8077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Fri, 07 Apr 2023 08:19:36 +0200
pragma
no-cache
date
Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
x-location
wildcard
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by
My Servlet Handler
banner.png
h.simplytel.de/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.simplytel.de/banner.png?promotion_partner_id=30384&promotion_product_id=6799&promotion_channel_id=22217
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
81ada7101073041b1352ea5a4dc1783f745d371ec0b884d7cfd92982cb899e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Fri, 07 Apr 2023 08:19:36 +0200
pragma
no-cache
date
Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
x-location
wildcard
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by
My Servlet Handler
banner.png
h.sim.de/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.sim.de/banner.png?promotion_partner_id=30384&promotion_product_id=3640&promotion_channel_id=22217
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
0afc605c841dba9b7301501168a2b7739bb0c6a909f08a2467f7039fa7fb0af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Fri, 07 Apr 2023 08:19:36 +0200
pragma
no-cache
date
Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
x-location
wildcard
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by
My Servlet Handler
banner.jpeg
h.smartmobil.de/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.smartmobil.de/banner.jpeg?promotion_partner_id=30384&promotion_product_id=67&promotion_channel_id=22217
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
6491a23884c5fe854fed22b5c3009971932fda9e052036aaea34a6abb800e466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Fri, 07 Apr 2023 08:19:36 +0200
pragma
no-cache
date
Wed, 08 Mar 2023 06:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
x-location
wildcard
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-served-by
My Servlet Handler
tb.php
www.communicationads.net/ 		469 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.communicationads.net/tb.php?t=12264V15227067F&js=1
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:488:42:1000:b24d:7590:ff6e:e399 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
Apache /
Resource Hash
f2af67735eaba377798b2d8a2e6a2dd6cceccb1bcdaf4c4c3d25120c7dc7b3b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Server
Apache
Connection
keep-alive
Content-Length
469
Content-Type
text/html; charset=UTF-8
tb.php
www.communicationads.net/ 		417 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.communicationads.net/tb.php?t=12264V16027754F&js=1
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:488:42:1000:b24d:7590:ff6e:e399 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
Apache /
Resource Hash
06a0713e77e4e88fc42ae00d6e240af2480445da2894071b3e781acbedde93db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Server
Apache
Connection
keep-alive
Content-Length
417
Content-Type
text/html; charset=UTF-8
view.php
a.partner-versicherung.de/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.partner-versicherung.de/view.php?partner_id=92080&ad_id=1167
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.238.62.106 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
243c68000933eb03b6c36edb700a4f675ae811b68ba51136462d89d936347711

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-server-identity
vpp-new
pragma
no-cache
date
Wed, 08 Mar 2023 06:19:36 GMT
server
nginx
content-length
5790
content-type
image/jpeg
60
d2a54pfih9ionq.cloudfront.net/blank/gif/120/
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2274463&v=11704&q=349552&r=397277
  • https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60
232 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H2
Server
2600:9000:223f:3200:11:19ae:9580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2e7a418b9e9f117e5171198899e304b6cd9a413f082f4565af7880bff97de0a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:02:03 GMT
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
age
4072653
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
content-length
232
x-amz-cf-id
PTM2WUdARFWhPugdRbMEw9DcRw7XwIyuSVpeAFWbmt5EVPyCJSI4Iw==

Redirect headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://d2a54pfih9ionq.cloudfront.net/blank/gif/120/60
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
/
partner.o2online.de/o2/ Frame 2F44
Redirect Chain
  • https://www.communicationads.net/tb.php?t=12264V16024479F
  • https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%25...
1011 B
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2474212dd52c4112a64c29b17b34c51f18a43d374a61379c9c9ae5671937f69f

Request headers

Referer
http://tarifladen24.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Mar 2023 06:19:36 GMT
Keep-Alive
timeout=10
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Mar 2023 06:19:36 GMT
Location
https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D
Server
Apache
body_background.gif
tarifladen24.de/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/body_background.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
714cfd35dc25d26520563c8e3b6d812c0554e733e27337ab7b71b2504ec010f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:26 GMT
Server
Apache
Age
0
ETag
"4ec-542ec3249ae8c"
X-Varnish
174120360
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1260
arrow.gif
tarifladen24.de/images/ 		48 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/arrow.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
eb83f5acc18b9ecc8591fe3ffe0b9b2c235b957776d14216d230bac55e0bd228

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:26 GMT
Server
Apache
Age
0
ETag
"30-542ec323dcf59"
X-Varnish
313038288
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48
header_background.jpg
tarifladen24.de/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/header_background.jpg
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
2424c6c57f79cac0e6095f5b086fea628c2263fa67cbf14647d959a0f658ab52

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:37 GMT
Server
Apache
Age
0
ETag
"aa54-542ec32e4e3d8"
X-Varnish
297705730
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43604
kennzeichen.gif
tarifladen24.de/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/kennzeichen.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
a2b051092403ea90e2fce266220427915411fa794c72c96f5e00e2c2a80396af

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:38 GMT
Server
Apache
Age
0
ETag
"12d5-542ec32f93f4c"
X-Varnish
280736313
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4821
menu_line.gif
tarifladen24.de/images/ 		191 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/menu_line.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
d33af8f86752679e915fe8cf12599b0061af4e90cd392dbbacaf811bb1742161

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:38 GMT
Server
Apache
Age
0
ETag
"bf-542ec32fe21ca"
X-Varnish
322340762
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
191
box_top_624px.gif
tarifladen24.de/images/ 		290 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_top_624px.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
6f722718fdece23485ef5db35aa80256b82537482bf2a9de0834555775829cfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:34 GMT
Server
Apache
Age
0
ETag
"122-542ec32b71ea3"
X-Varnish
174120364
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
290
box_background_money.gif
tarifladen24.de/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_background_money.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
19598680e5c40d93d35cd6c8183f0dc593705c8cfea1c05ea8256bc8d649eb7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:30 GMT
Server
Apache
Age
0
ETag
"3ad8-542ec3280d552"
X-Varnish
313921379
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15064
icon_info.gif
tarifladen24.de/images/ 		652 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/icon_info.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
52ba6659eb876aa05c5b698833447305c2df665fbbbd94677f26854ade4cf605

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:37 GMT
Server
Apache
Age
0
ETag
"28c-542ec32e7426c"
X-Varnish
174120362
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
652
box_bottom_624px.gif
tarifladen24.de/images/ 		231 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_bottom_624px.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
e5ca41da0d597b0c2ae816145658a87571b3c6ae618ccfa93d5eda78b788eb21

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:31 GMT
Server
Apache
Age
0
ETag
"e7-542ec32899800"
X-Varnish
317722218
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
231
box_background_302px.gif
tarifladen24.de/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_background_302px.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
2ae2ce4c5f63c1484fe1acbea15541ca8f33d896490ccfc6b260999d4cde480a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:28 GMT
Server
Apache
Age
0
ETag
"ecf-542ec3260ba3b"
X-Varnish
322340764
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3791
box_top_160px.gif
tarifladen24.de/images/ 		226 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_top_160px.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
1ff68d043f2fcc6a25ba1db621caa76fef145cf714e8d37476aabce21adcb24f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:32 GMT
Server
Apache
Age
0
ETag
"e2-542ec3296f21d"
X-Varnish
280736315
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
226
box_background_160px.gif
tarifladen24.de/images/ 		54 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_background_160px.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
a5f73138bb6bed6e9972e398f69ffc47231a43048f71b2d47f932af3f9f3cf53

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:27 GMT
Server
Apache
Age
0
ETag
"36-542ec32574cf2"
X-Varnish
317722216
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54
/
partner.blau.de/blau/ Frame 112A 		992 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.blau.de/blau/?nw=coad&affiliate=12264&s_id=12264C15227067F&dcm_placement=N773418.3163536BLAU_AFFILIATE/B20640314.219853399&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C15227067F%2526subid%253D%2526deepurl%253D
Requested by
Host: www.communicationads.net
URL: https://www.communicationads.net/tb.php?t=12264V15227067F&js=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c81e882179c6c3cc0d00eeb02d34d49a9d26909430277a2787715ff92c80dee3

Request headers

Referer
http://tarifladen24.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Mar 2023 06:19:36 GMT
Keep-Alive
timeout=10
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
/
partner.o2online.de/o2/ Frame 0D68 		1006 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16027754F&camp=logo&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16027754F%2526subid%253D%2526deepurl%253D
Requested by
Host: www.communicationads.net
URL: https://www.communicationads.net/tb.php?t=12264V16027754F&js=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fc1f4385c1a3ad166a1443ad717a86783c8d4bb9c750d633e71910fb33c951f5

Request headers

Referer
http://tarifladen24.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Mar 2023 06:19:36 GMT
Keep-Alive
timeout=10
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
box_bottom_160px.gif
tarifladen24.de/images/ 		168 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tarifladen24.de/images/box_bottom_160px.gif
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/css/layout.css
Protocol
HTTP/1.1
Server
2a02:2350:5:109:80a4:30c1:1202:d9b4 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
34bb20edc2ac928510891e0519111d3a7d0f5e5b04225fa7535a03bbe307b806

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Via
1.1 webcache2 (Varnish/trunk)
Last-Modified
Mon, 05 Dec 2016 16:58:30 GMT
Server
Apache
Age
0
ETag
"a8-542ec3284bb54"
X-Varnish
264781161
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
168
js
js.srvtrck.com/v1/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.srvtrck.com/v1/js?api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
HTTP/1.1
Server
2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
763604c9b336b676ecacc34cf333f408ed2582f7705978f6d99efddc14ce0544

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:36 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Mar 2023 06:18:15 GMT
Server
cloudflare
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7a48f7aede3c2c6f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
18414
Expires
Thu, 09 Mar 2023 06:19:36 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 0D68 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16027754F&camp=logo&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16027754F%2526subid%253D%2526deepurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.o2online.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 05:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 08 Mar 2023 06:28:22 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 2F44 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=coad&affiliate=12264&s_id=12264C16024479F&camp=channel5&size=120x600&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C16024479F%2526subid%253D%2526deepurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.o2online.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 05:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 08 Mar 2023 06:28:22 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 112A 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: partner.blau.de
URL: https://partner.blau.de/blau/?nw=coad&affiliate=12264&s_id=12264C15227067F&dcm_placement=N773418.3163536BLAU_AFFILIATE/B20640314.219853399&size=120x60&clickTag=https%253A%252F%252Fwww.communicationads.net%252Ftc.php%253Ft%253D12264C15227067F%2526subid%253D%2526deepurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.blau.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 05:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 08 Mar 2023 06:28:22 GMT
hjdebh67699dwnjldw00.js
dnlgm0m0r44nl.cloudfront.net/abp/ 		20 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
http://dnlgm0m0r44nl.cloudfront.net/abp/hjdebh67699dwnjldw00.js
Requested by
Host: js.srvtrck.com
URL: http://js.srvtrck.com/v1/js?api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030
Protocol
HTTP/1.1
Server
18.66.137.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 09:06:06 GMT
Via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 Nov 2014 16:56:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
85818
ETag
"1db728e2d3216682f555d0c1e5b1127c"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
X-Amz-Cf-Id
TO5ktZ-_hGn8MLwJ3A5q1u5NcRmTknjJpRrSaxtL7rfwAiIUVVDTVw==
impl_v95.js
www.googletagservices.com/dcm/ Frame 0D68 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.o2online.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 13:42:01 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame 2F44 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.o2online.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 13:42:01 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame 112A 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.blau.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 13:42:01 GMT
B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationa...
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 7549 		55 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
22c610d404ada4ee3fa5c7cce2fca03b1ae119ca721be879474160f67e533af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://partner.o2online.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
26500
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Mar 2023 06:19:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communication...
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 3DA1 		61 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
f474bb6e52c05349e9f30b21f6e17d1c00e38b656dc5f837b46d72222ccca613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://partner.o2online.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
28917
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Mar 2023 06:19:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
B20640314.219853399;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=BLU_AFF_CTA_EXA_35012;dc_adk=2036841227;ord=z34b68;click=https%3A%2F%2Fwww.communication...
ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/ Frame 8A74 		26 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B20640314.219853399;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=BLU_AFF_CTA_EXA_35012;dc_adk=2036841227;ord=z34b68;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C15227067F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.blau.de%2Fa%2F%3Fi%3Dclick%26client%3Dblau%26camp%3Dlpurl%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C15227067F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=!c.JgCk-S5;stc=1;sttr=73;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://partner.blau.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
23
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Mar 2023 06:19:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
354937379672003770
s0.2mdn.net/simgad/ Frame 7549 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/354937379672003770
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196a2877ed3b0dbaf6bd5a8292f2fe0baa135a143b21d3ccc0e7599af497ba4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:36 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2575
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 20:30:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Mar 2024 06:19:36 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/ Frame 7549 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1671892bf155231b5d530edb9e3bf829c3555be03e9f5d895953be65384c46e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 19:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
38086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4277
x-xss-protection
0
server
cafe
etag
10285568641833337380
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Mar 2023 19:44:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 3DA1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 13:42:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
59855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Mar 2023 13:42:01 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3DA1 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 05:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Mar 2023 05:45:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7549 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 06:19:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 7549 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 13:42:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
59855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Mar 2023 13:42:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7549 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp3MQuI0RKNZriBhTNzqfVR65Cpv5Prt_4kX0KloFX5F91MUtamI17XkNI8o218-icRaSHY6d2ebrhOl_EmNthYzPmM0TnMyxA7j-gUhTBTm7rHoovzmyE1DZKH1UVgVjDLx44Eh5O3msO&sai=AMfl-YTqdOFSS-erGYZqJ4oIdG1Jseg_CCPrwhJWaEx9dMSfi-hOrnhQzUAoKyaublJa9DsYh7uPGKNjmiXmDBc&sig=Cg0ArKJSzCUmlnOJRjIgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230302.14237&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Mar 2023 06:19:36 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7549 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 18:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Mar 2024 18:45:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3DA1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 18:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Mar 2024 18:45:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7549 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d3fc2406d7c2918fc9717d5ef6d4d9973febd526af8a74034cee87ddf49de8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5615
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C6DB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 18:45:14 GMT
expires
Wed, 06 Mar 2024 18:45:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5A8B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 18:45:14 GMT
expires
Wed, 06 Mar 2024 18:45:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7549 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp3MQuI0RKNZriBhTNzqfVR65Cpv5Prt_4kX0KloFX5F91MUtamI17XkNI8o218-icRaSHY6d2ebrhOl_EmNthYzPmM0TnMyxA7j-gUhTBTm7rHoovzmyE1DZKH1UVgVjDLx44Eh5O3msO&sai=AMfl-YTqdOFSS-erGYZqJ4oIdG1Jseg_CCPrwhJWaEx9dMSfi-hOrnhQzUAoKyaublJa9DsYh7uPGKNjmiXmDBc&sig=Cg0ArKJSzCUmlnOJRjIgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&vt=11&dtpt=221&dett=2&cstd=0&cisv=r20230302.14237&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.228169874;dc_ver=95.280;dc_eid=40004001;sz=120x60;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2020465299;ord=d9x5tk;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16027754F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dlogo%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16027754F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=58;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Mar 2023 06:19:36 GMT
QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
pagead2.googlesyndication.com/bg/ Frame C6DB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 13:42:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
59854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14167
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 13:42:03 GMT
QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
pagead2.googlesyndication.com/bg/ Frame 5A8B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 13:42:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
59854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14167
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 13:42:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7549 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Mar 2023 06:19:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3DA1 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 06:19:37 GMT
120x600.html
s0.2mdn.net/sadbundle/13696017269262385152/ Frame 041E 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1bfaa55f9c867045db19cbbb3c87608e7ce3f20ffa9db831a3c502001c2d538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Mar 2023 06:19:37 GMT
expires
Thu, 07 Mar 2024 06:19:37 GMT
last-modified
Tue, 27 Sep 2022 11:02:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3DA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_puEZBP10LQjBTI42whwmetr_fdqKDoQyraPpYuAfajH6ICUqXLj_8qlMwEiIVEt-8bMzH0wWEtGeG-1SI21mWeFbEvJNsB3TgJrQJXE9nAgv_Ed3ZsOEFTjaO4a5w4TrLKyxcZNV3s7V1bFQWLLP30ysg2sP&sai=AMfl-YRMwYCnssmm7M4Kx099XKj9FW3XKWDb62qxZkgPgQWtdW90CLZVC9m2tUxrXG2qyoBRiluY8DCoyL3fj1E&sig=Cg0ArKJSzAl1n5nGWs3_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&cbvp=1&cstd=475&cisv=r20230302.78281&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Mar 2023 06:19:37 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 041E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 05:43:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Mar 2023 05:43:10 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 041E 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Mar 2023 06:19:37 GMT
hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
pagead2.googlesyndication.com/bg/ Frame F0D2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 05:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
3521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14408
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 05:20:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO1PE-CgIZNLvIpOp7gO76oi4DwAAAAA4AeAEAg&bg=!oqGlofXNAAbv3-2Ez987ADkAdvg8WsRqQynbzgJpGFu7fVJePB6JSLJftFWCnfY_EV5WBQm1K_L6TuVW03LGgTZuA1Brqlqakh4CAAABNlIAAAADaAEHCgBucP2ZV1mToghG0cabLDn26xCfSS0HYRbkhzIVwdlDhlUwAgma2Z4WRq0_GAf5U-4EszEeHgX1hycAO6dfCslYnaKZuKPv0RDy0bdTnR9TdBM1cUuzfVaGNo1TWu-o9pN_6z6fpecp-rxYLuEDno6ZAtR3cOO4A-uYoS-rxS634qDqt2tK8iBUmhnzxcoFyDN-tBZMSL6M3jrWWjQAdZSJWOPCHiAWbao27EoR3_owVqsFl-9usBombkD0cQCDR9oqWUE_9_0DA7ZxkbO8P9dtoAHnfmfpTKTbivbXFWbHveHarc24XwkRXyCwabR7VVbmn8MbGQmYCaDRxY3AbQ_4pZDCWMufVrObxh4bGjt38LcvwFondYz9qyOJS23WTIht5YhcegLhAGAbWjDxb7_LUKztz1wlNbyBb3eMwfIan_o1pE7nI1qIuID33Qvw9MZ4wczPmotAeJyyN0vKaE3gn5JokZuI_DYrdHj7yix6EyLMMHlHIvhmwrUtJirDfDeKbrdHg81VFjf5Bpdf4Pq9LW_rilAzt1jHFfSn4tqOO_jyGO_OavOy2tHQzdSPnCpkV2KgTQE04DijrG5x82bnjo3XWSscmlE5_BXCvKnrW7rzpXTam2IJVv71SkrGxnxqrq-uq-Mc_7rnmaCahCOymY5S6ghDLUntGo1aB9hlhxoW2U7z8hyuDecTeEFn1kq7ivFYx66JypVxb2pHtUvWEu_GO229RyuBXFIlAGQfvGb7qVpww7Ge0Mcr8voOGHt2ApF1jIy5s0eFz3nbIwP3TvvRExg_NPkE0VpXjEt1aBxccrJUWD2RQAhrETwF2O-Uy0nLGTQFwQ0tPRKU5DrD3CkCs1v1TCxMLEaqypiPq_5Nt0Q-j6Fn_AiqUgr3VI_C5CPqNymznTPNRqZAzJFpURSryGNGJbtBOs0zTZSOukTSFQXnHF-PNfFZZfzsNvhW_9J62jMT3aqeoJhC27U4dmEZCHD1J-REGPu209aPCbHBkFQYga8z9cFio8erjWL7E4F78JKP6tlmR9SRanK4wqp3yZjaVLOj5y_Njro4hYAHYPMX7TFuUgB_lme_AefHlH6_Avx5wKskm_xq7xoNE5A4Jdxl
Requested by
Host: tarifladen24.de
URL: http://tarifladen24.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOrZ6-CgIZJTrIpOp7gO76oi4DwAAAAA4AeAEAg&bg=!pKelp_PNAAbv3-2Ez987ADkAdvg8Wru2Qjqcgjam3STBAJC87LQ4Qni11ttB3zIq6DPlsfqpFaMR1tYvG2G3lhccKZMoH3uI4i4CAAAA7FIAAAADaAEHmQLOGUfe7Fr4yKd_3u755NRE9g88dsQTd8m-9yDD5wlceobupEoAYnuRA5gBTZ-fzbp_KZgz7MnTMvAeOBUlgWmD7SlEkAJERvhcQRmHBBkIruJ_CRx2_MxGM_J0CKHe98StCrVJNf9RixsxexvzYQXJpRkl4Y0eIv3eU_KbR18h-rynCaE8KGMZgcnxrcKI4GB8rBQixFjW7qfy9adXnZ71MXhMldKdIV9ghxmjOQaPuqetcy6y8JMT1AUV-28-K74aB2wWCbWb7OiW4TBG9HN3Pdu6bmD_uEm1buURUUId0XiUNWrCKaW5rRN-tbDJQOqCROsyNctPXtclG2rcDaP5KPQ1T4Yw8Jd2y4NsjW3UGSNA3WC5kkAVb7wy20Yvub6Gb1POyC6sD5MsA8cOEu8aFypOZJJSm2O_0lika7onxzuNEwBU7Ew12311KR0d0W86o1I6VyCcSjVdsE4fuPug00t-bEp5G50MKzYS-bUifl38Sc-Hr3Iaqz5Qdv-Fnyi-tBcmnMAdhbuIg5ydmPnDzUpGXYq4tcfK-eU2EBphFac980GlFhQdDa6QrykZS97TSVwh9j8wkNiF0Nt4NH1jrbHIcWeE0g8BmMXItfJlSya8S1Lkgh9vyoTteffNgbUIpsHlwtys7egguj1QUPmhCasGBBCQyNnt0Rc7fxnDhWG9i1zn2PyyeZXnEE6PtaWjeIgOZ2XU5WMsccs_r8g2B9VbzG77xeN__N_lBcYMzgIr8QWiOKICxojiID2XYnshnAInHWEd-qN1Cj1H647-VIL0_ng7ntsU03v8OsRvczeu1LvNAGH3oVxsLHEujFqAnn6mwLENuiWtvNP63dQGmZy--NiC8If5uZ6HdxmBqaBH9Gyy1usEP41TTXjXbK7VYJJ80bf3KuFtlP_SsufEtiKYfmK06guI1GBPbVTQAPZ_u_hFq9sUMcRU7_FFag
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3DA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_puEZBP10LQjBTI42whwmetr_fdqKDoQyraPpYuAfajH6ICUqXLj_8qlMwEiIVEt-8bMzH0wWEtGeG-1SI21mWeFbEvJNsB3TgJrQJXE9nAgv_Ed3ZsOEFTjaO4a5w4TrLKyxcZNV3s7V1bFQWLLP30ysg2sP&sai=AMfl-YRMwYCnssmm7M4Kx099XKj9FW3XKWDb62qxZkgPgQWtdW90CLZVC9m2tUxrXG2qyoBRiluY8DCoyL3fj1E&sig=Cg0ArKJSzAl1n5nGWs3_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=802&vt=11&dtpt=314&dett=3&cstd=475&cisv=r20230302.78281&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B21563916.305649428;dc_ver=95.280;dc_eid=40004000;sz=120x600;u_sd=1;kw=AFF_ca_12264__-;mco=AFF_ca_12264_-;pid=O2_AFF_CTA_EXA_15012;dc_adk=2027040027;ord=zjvxc8;click=https%3A%2F%2Fwww.communicationads.net%2Ftc.php%3Ft%3D12264C16024479F%26subid%3D%26deepurl%3Dhttps%3A%2F%2Fpartner.o2online.de%2Fa%2F%3Fi%3Dclick%26client%3Do2%26camp%3Dlpurl%26tcamp%3Dchannel5%26l%3Dde%26type%3Dhtml5%26nw%3Dcoad%26sid%3D12264C16024479F%26affiliate%3D12264%26lpurl%3D;dc_rfl=1,http%3A%2F%2Ftarifladen24.de%2F$0;xdt=1;crlt=IT'a*7KINT;stc=1;sttr=78;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Mar 2023 06:19:37 GMT
uuid.html
hades.srvtrck.com/v2/ Frame F162 		311 B
666 B 		Document
General
Check archive.org
Download Go to
Full URL
http://hades.srvtrck.com/v2/uuid.html
Requested by
Host: js.srvtrck.com
URL: http://js.srvtrck.com/v1/js?api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030
Protocol
HTTP/1.1
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03

Request headers

Referer
http://tarifladen24.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
78055
CF-Cache-Status
HIT
CF-RAY
7a48f7b7bdb39238-FRA
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 08 Mar 2023 06:19:37 GMT
Expires
Thu, 09 Mar 2023 06:19:37 GMT
Last-Modified
Tue, 07 Mar 2023 01:19:31 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i
i.srvtrck.com/v1/ 		68 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.srvtrck.com/v1/i?e=pi&api_key=45a113e64f22fc1d9ea50839c9d06469&site_id=eea180d7fdca4fb5931db8965ad6e030&tid=c28ec74a-0f8d-43b2-aef6-d2eec2f50f6a&dch=gaia&tna=gaia&tv=0.147&title=Kostenloser%20KFZ-Versicherungsvergleich%20%E2%80%93%20Kostenlos%20KFZ-Versicherung%20vergleichen%20und%20beim%20Wechsel%20bares%20Geld%20sparen&refr=&page=http%3A%2F%2Ftarifladen24.de%2F&afsrc=1&cache=DAQ5KN7U19MEFCU9T3H886IRRUF1UNJE&vid=null&dnt=0
Protocol
HTTP/1.1
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tarifladen24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:37 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
p3p
CP="CAO PSA OUR"
Content-Type
image/png
Connection
keep-alive
CF-RAY
7a48f7b7bf5f2bf7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
68
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 041E 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:27 GMT
x-content-type-options
nosniff
age
10
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Mar 2023 06:34:27 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 041E 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:14:13 GMT
x-content-type-options
nosniff
age
324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Mar 2023 06:29:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 041E 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c6a70a87218a9350ee98e57b650aa85e6501db574926f66e9f46ab0b0a03b22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5672
x-xss-protection
0
60005582_20221115025511085_APP_iPhone-13.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 041E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221115025511085_APP_iPhone-13.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5121fa7c466a01268b0b05bcac171f3def607f5328cb969acda93ce19f1c8e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 17:45:47 GMT
x-content-type-options
nosniff
age
45230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15965
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 10:55:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Mar 2023 17:45:47 GMT
60005582_20220825085126854_120x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 041E 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085126854_120x600_BG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f3a45557163486d81b5adb20f21ecdea4246a936cd0b60d0901517213652fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27732
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Mar 2023 06:19:37 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 041E 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13696017269262385152/120x600.html?e=69&leftOffset=0&topOffset=0&c=XNsWlWHDug&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:15:37 GMT
x-content-type-options
nosniff
age
240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Mar 2023 06:30:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 041E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 06:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Mar 2023 06:19:37 GMT
json2.js
hades.srvtrck.com/static/ Frame F162 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hades.srvtrck.com/static/json2.js
Requested by
Host: hades.srvtrck.com
URL: http://hades.srvtrck.com/v2/uuid.html
Protocol
HTTP/1.1
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:37 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 07 Mar 2023 01:31:48 GMT
Server
cloudflare
Age
72997
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
CF-RAY
7a48f7b90e789238-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Thu, 09 Mar 2023 06:19:37 GMT
hades-server2.js
hades.srvtrck.com/static/ Frame F162 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hades.srvtrck.com/static/hades-server2.js
Requested by
Host: hades.srvtrck.com
URL: http://hades.srvtrck.com/v2/uuid.html
Protocol
HTTP/1.1
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:37 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 07 Mar 2023 01:00:28 GMT
Server
cloudflare
Age
68235
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
CF-RAY
7a48f7b90c8a2c61-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Thu, 09 Mar 2023 06:19:37 GMT
profile
hades.srvtrck.com/v1/ Frame F162 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hades.srvtrck.com/v1/profile?action=create&ykuid=im9p2vhxcfjf5mkzveg8ws
Requested by
Host: hades.srvtrck.com
URL: http://hades.srvtrck.com/v2/uuid.html
Protocol
HTTP/1.1
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 06:19:37 GMT
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Mar 2023 06:19:37 GMT
Server
cloudflare
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
Content-Type
image/gif
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7a48f7b93cc42c61-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1095
Expires
Thu, 09 Mar 2023 06:19:37 GMT
hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
pagead2.googlesyndication.com/bg/ Frame F5A3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 05:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
3521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14408
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 05:20:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3DA1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxShWy1U_KA6vsyoOGXEj1uuwqXY_yl82j5098YqqzsUO0eiXtZNjh7GbuWSvXctBUTCI3nM1bu24GJoo-KSg&sig=Cg0ArKJSzLHzjZphQ78MEAE&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2027040027&rs=6&la=0&cr=0&vs=4&r=v&rst=1678256376427&rpt=973&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Mar 2023 06:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless string| faHtml object| YK object| YKConf object| Jaml function| hideYK function| fadeOutYK function| fadeOutYK2 function| setOpacityYK function| fadeYK function| fadeInYK function| ykShow function| ykHide function| getElm object| version object| YIELDLINK object| img object| iframe string| linkDomain

4 Cookies

Domain/Path Name / Value
.awin1.com/ Name: AWSESS
Value: 347929:2259291
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
tarifladen24.de/ Name: vidyk
Value: 1
tarifladen24.de/ Name: svidyk
Value: 1

4 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 109)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.check24.net
a.partner-versicherung.de
ad.doubleclick.net
d2a54pfih9ionq.cloudfront.net
dnlgm0m0r44nl.cloudfront.net
files.check24.net
googleads4.g.doubleclick.net
h.handyvertrag.de
h.premiumsim.de
h.sim.de
h.simplytel.de
h.smartmobil.de
h.winsim.de
hades.srvtrck.com
i.srvtrck.com
imagesrv.adition.com
js.srvtrck.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
s0.2mdn.net
tarifladen24.de
tpc.googlesyndication.com
www.awin1.com
www.communicationads.net
www.googletagservices.com
142.250.180.230
142.250.201.194
167.233.13.224
18.66.137.49
193.227.195.217
193.238.60.41
193.238.62.106
2.19.44.80
217.79.188.11
2600:9000:223f:3200:11:19ae:9580:93a1
2606:4700::6813:a860
2606:4700::6813:a960
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2006
2a01:488:42:1000:b24d:7590:ff6e:e399
2a02:2350:5:109:80a4:30c1:1202:d9b4
04068b22e97b7b69e191260979d1bc91d4a9d9d8c4ef6f10fafa0c56891dcf01
0572717e3aa5113a454b7797dd5e350ce10507db60362b34098665121c830c7b
06a0713e77e4e88fc42ae00d6e240af2480445da2894071b3e781acbedde93db
0afc605c841dba9b7301501168a2b7739bb0c6a909f08a2467f7039fa7fb0af9
0f00cb4377fe0792751cb1c7d42dddd470c7d20073ca38106a7a298e59f269d0
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1671892bf155231b5d530edb9e3bf829c3555be03e9f5d895953be65384c46e0
19598680e5c40d93d35cd6c8183f0dc593705c8cfea1c05ea8256bc8d649eb7b
196a2877ed3b0dbaf6bd5a8292f2fe0baa135a143b21d3ccc0e7599af497ba4d
1ff68d043f2fcc6a25ba1db621caa76fef145cf714e8d37476aabce21adcb24f
22c610d404ada4ee3fa5c7cce2fca03b1ae119ca721be879474160f67e533af9
2424c6c57f79cac0e6095f5b086fea628c2263fa67cbf14647d959a0f658ab52
243c68000933eb03b6c36edb700a4f675ae811b68ba51136462d89d936347711
2474212dd52c4112a64c29b17b34c51f18a43d374a61379c9c9ae5671937f69f
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae2ce4c5f63c1484fe1acbea15541ca8f33d896490ccfc6b260999d4cde480a
2e7a418b9e9f117e5171198899e304b6cd9a413f082f4565af7880bff97de0a2
34bb20edc2ac928510891e0519111d3a7d0f5e5b04225fa7535a03bbe307b806
3ae81187a4408a563581902cd0fbc3c481cf4a23edafd0fc3173ef49459eda4b
3f3a45557163486d81b5adb20f21ecdea4246a936cd0b60d0901517213652fa4
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52ba6659eb876aa05c5b698833447305c2df665fbbbd94677f26854ade4cf605
57145153f81324ae965b6c5472578ebb2ade275a84d5203b2d10e25db82f8077
5d3fc2406d7c2918fc9717d5ef6d4d9973febd526af8a74034cee87ddf49de8b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6491a23884c5fe854fed22b5c3009971932fda9e052036aaea34a6abb800e466
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f722718fdece23485ef5db35aa80256b82537482bf2a9de0834555775829cfe
714cfd35dc25d26520563c8e3b6d812c0554e733e27337ab7b71b2504ec010f0
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c
763604c9b336b676ecacc34cf333f408ed2582f7705978f6d99efddc14ce0544
7a3f53998c0240b1a7f8f6ce20da5feb2c35fd303c7070c520e3a5217d2c9871
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7c6a70a87218a9350ee98e57b650aa85e6501db574926f66e9f46ab0b0a03b22
7fe8764d9afa653bb315e024180c51d0d1bd7639dff0a6c1526b5a479ba29ca8
81ada7101073041b1352ea5a4dc1783f745d371ec0b884d7cfd92982cb899e89
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8d1fd49e0ec09384c82edcbb42a70783e49cd37b0f740862be93ba1194087720
906b52ab53f50275ac2bcbe9dc652a7b93ab7e35790ae108c5794928bf0837f4
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
a2b051092403ea90e2fce266220427915411fa794c72c96f5e00e2c2a80396af
a5f73138bb6bed6e9972e398f69ffc47231a43048f71b2d47f932af3f9f3cf53
b1bfaa55f9c867045db19cbbb3c87608e7ce3f20ffa9db831a3c502001c2d538
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b8ca00327e7965b1e6aa199e0bf3adf8574ff42a30e0ed6987675607c680f06f
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c5121fa7c466a01268b0b05bcac171f3def607f5328cb969acda93ce19f1c8e9
c81e882179c6c3cc0d00eeb02d34d49a9d26909430277a2787715ff92c80dee3
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03
d33af8f86752679e915fe8cf12599b0061af4e90cd392dbbacaf811bb1742161
d4b484f84ef0081a1ce31561b14adfac4efe2d74a22c3bef8b7b4680a3285d5b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd
e5ca41da0d597b0c2ae816145658a87571b3c6ae618ccfa93d5eda78b788eb21
eb83f5acc18b9ecc8591fe3ffe0b9b2c235b957776d14216d230bac55e0bd228
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bccccee4d97f367f3bfc561e1536ee159ee43cb4c05fc5b90b215d5a38e51f
f2af67735eaba377798b2d8a2e6a2dd6cceccb1bcdaf4c4c3d25120c7dc7b3b9
f474bb6e52c05349e9f30b21f6e17d1c00e38b656dc5f837b46d72222ccca613
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
fc1f4385c1a3ad166a1443ad717a86783c8d4bb9c750d633e71910fb33c951f5